CN103002071B - address resolution processing method and device - Google Patents
address resolution processing method and device Download PDFInfo
- Publication number
- CN103002071B CN103002071B CN201210573158.9A CN201210573158A CN103002071B CN 103002071 B CN103002071 B CN 103002071B CN 201210573158 A CN201210573158 A CN 201210573158A CN 103002071 B CN103002071 B CN 103002071B
- Authority
- CN
- China
- Prior art keywords
- message
- neighbours
- address
- priority
- unallocated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention provides a kind of address resolution processing method and device, the method comprises: judge whether the IPv6 address in the neighbours' message in router is unallocated address; The neighbours' message that is unallocated address to IPv6 address is processed accordingly, preferentially other neighbours' message the neighbours' message that is unallocated address except this IPv6 address is carried out to address resolution processing; Wherein, this neighbours' message is neighbor advertisement message or neighbor request message.
Description
Technical field
The present invention relates to data communication technology, relate in particular to a kind of address resolution processing method and device.
Background technology
In the process of finding neighbours, main frame, by multicast mode, will carry IPv6 address and multicast groundThe neighbor request message of location sends in the mode of multicast, receives the IPv6 joint of this neighbor request messagePoint (being router), when identical in the IPv6 address that judges the IPv6 address and this self of asking,IPv6 address resolution in this neighbor request message is become to link layer address, to not executive address solution of multicast addressAnalyse. Then, this IPv6 node is again in the mode of clean culture, and the link layer address that parsing is obtained is carried at phaseIn the neighbor advertisement message of answering, send to this main frame.
But, in above-mentioned neighbor discovery process, when the IPv6 address in neighbor request message is not for dividingWhile joining address, because the subnet scoping of default IPv6 address is IPv6/64, the scope that it covers veryBig, the address number comprising is also very large, and therefore, router will spend a large amount of time and go to resolve largeThe unallocated address of amount, thus cause assailant to utilize above-mentioned situation to initiate denial of service (DenialofService; Be called for short: DoS) attack, the available resources of a large amount of consumption routers, and cause new establishingCan form new IPv6 MPTS for not joining new network as scheduled, even can cause depositingIPv6 MPTS be interrupted.
Summary of the invention
The invention provides a kind of address resolution processing method and device, for prevent address resolution procedure because ofExtraneous and the DoS attack phenomenon that causes.
A first aspect of the present invention is to provide a kind of address resolution processing method, comprising:
Judge whether the IPv6 address in the neighbours' message in router is unallocated address;
The neighbours' message that is unallocated address to IPv6 address is processed accordingly, with preferentially to described in removingIPv6 address is that other neighbours' message outside neighbours' message of unallocated address is carried out address resolution processing;
Wherein, described neighbours' message is neighbor advertisement message or neighbor request message.
A second aspect of the present invention is to provide a kind of address resolution treating apparatus, comprising:
Judge module, for judging whether the IPv6 address in neighbours' message of router is unallocated groundLocation;
Processing module, for being that neighbours' message of unallocated address is processed accordingly to IPv6 address;
Address resolution module is neighbours' message of unallocated address to IPv6 address for described processing moduleAfter processing accordingly, preferentially to being neighbours' message of unallocated address except described IPv6 addressOther neighbours' message is carried out address resolution processing;
Wherein, described neighbours' message is neighbor advertisement message or neighbor request message.
Technique effect of the present invention is: by judging IPv6 address in the neighbours' message in router whetherFor unallocated address, the neighbours' message that is unallocated address to IPv6 address is processed accordingly, to havePreferentially other neighbours' message the neighbours' message that is unallocated address except this IPv6 address is carried out to addressDissection process, therefore, has prevented in address resolution procedure effectively because the extraneous DoS attack causing is existingResemble, reduced the potential safety hazard in address resolution procedure, and effectively improved the peace of address discovery protocolQuan Xing, robustness and stability.
Brief description of the drawings
Fig. 1 is the flow chart of an embodiment of address resolution processing method of the present invention;
Fig. 2 is the flow chart of another embodiment of address resolution processing of the present invention;
Fig. 3 is the flow chart of another embodiment of address resolution processing of the present invention;
Fig. 4 a is the form schematic diagram of existing neighbor request message;
Fig. 4 b is the form schematic diagram of neighbor request message of the present invention;
Fig. 5 a is the form schematic diagram of existing neighbor advertisement message;
Fig. 5 b is the form schematic diagram of neighbor advertisement message of the present invention;
Fig. 6 is the mode field Definition Principle figure of address resolution of the present invention;
Fig. 7 is the also flow chart of an embodiment of address resolution processing of the present invention;
Fig. 8 is the flow chart of another embodiment of address resolution processing of the present invention;
Fig. 9 is a structural representation of address resolution treating apparatus of the present invention.
Detailed description of the invention
Fig. 1 is the flow chart of an embodiment of address resolution processing method of the present invention, as shown in Figure 1,The method of the present embodiment comprises:
Step 101, judge whether the IPv6 address in the neighbours' message in router is unallocated address.
In the present embodiment, this neighbours' message can be neighbor request (NeighborSolicitation; Be called for short:NS) message or neighbor advertisement (NeighborAdvertisement; Be called for short: NA) message. Wherein,This neighbor request message can be the neighbor request message that main frame or other router send, and can be alsoRouter sends to the neighbor request message of other router. This neighbor advertisement message can be other routeDevice sends to the neighbor advertisement message of router, also can send to for this router the neighbor advertisement of main frameMessage.
Step 102, the neighbours' message that is unallocated address to IPv6 address are processed accordingly, with excellentFirst other neighbours' message the neighbours' message that is unallocated address except this IPv6 address is carried out to address solutionAnalyse processing.
In the present embodiment, preferred, judge that whether IPv6 address in the neighbours' message in router isUnallocated address, comprising:
Queried access control list, judges that whether IPv6 address in the neighbours' message in router is for not dividingJoin address.
Concrete, if the IPv6 address in neighbours' message not in this ACL, is thoughtIPv6 address in this neighbours' message is unallocated address.
In the present embodiment, by judging that whether IPv6 address in the neighbours' message in router is for not dividingJoin address, the neighbours' message that is unallocated address to IPv6 address is processed accordingly, preferentially right to haveOther neighbours' message except neighbours' message that this IPv6 address is unallocated address carry out address resolution placeReason, therefore, has prevented the DoS attack phenomenon causing because of the external world in address resolution procedure effectively, subtractsLacked the potential safety hazard in address resolution procedure, and effectively improved address discovery protocol security,Robustness and stability.
Fig. 2 is the flow chart of another embodiment of address resolution processing of the present invention, shown in above-mentioned Fig. 1On the basis of embodiment, as shown in Figure 2, the specific implementation of step 102 is:
Step 102a, the priority of the neighbours' message in this router is set;
Step 102b, according to the priority of this neighbours' message, according to priority order from high to low, rightThis neighbours' message is carried out address resolution processing; Wherein, IPv6 address is neighbours' message pair of unallocated addressThe priority of answering is lower than other neighbours' message the neighbours' message that is unallocated address except this IPv6 addressCorresponding priority.
Preferably, the specific implementation of step 102a can have several as follows:
The first: if being this router, this neighbours' message receives, and the message that need to respond,It is the first priority that priority corresponding to this neighbours' message is set.
In the present embodiment, take neighbours' message as example as neighbor request message, due to no matter be to separate in addressAnalyse or in the unreachable detection of neighbours, neighbor request message do not responded in time and all can cause attackingGeneration, in addition, the neighbor request message in the unreachable detection of neighbours is not responded, also can causeNeighbours delete the neighbor cache list item (NeighborCacheEntry of appropriate address; Be called for short: NCE),Thereby cause follow-up NS message to use multicast again to ask. Wherein, neighbor cache list item is oneBe used for the list item of the data structure that records neighbor information; It is one group of list item about single neighbours. List itemBe the key that connects unicast address, the information that it comprises has: its link layer address, instruction neighbours are routesDevice or the mark of main frame, point to any pointer of having waited in line address resolution packet etc. NeighboursBuffer list entry also comprises by neighbours and do not reach the information that detection algorithm uses, as reachable state, survey without shouldThe number of times of answering and next time neighbours do not reach the time occurring of detecting.
In addition, once this neighbor cache list item is deleted, the flow of current this list item of use will be not can be byForward, until address resolution is successfully completed. Therefore, need to by receiving, other router send, andThe corresponding priority of the neighbor request message that need to respond is set to the first priority, above-mentioned neighboursThe neighbor request message pair that the priority that request message is corresponding is unknown link layer address higher than link layer addressThe priority of answering, preferentially carries out dissection process to above-mentioned neighbor request message.
The second: if being this router, this neighbours' message receives, and for refreshing neighbor cache list itemSo that the message that this neighbor cache list item comes into force, priority corresponding to this neighbours' message be set be second excellentFirst level.
In the present embodiment, as a part for the unreachable detection of neighbours, neighbours find to need constantly brushThe new neighbor cache list item using existing. In addition, if owing to not upgrading and exist timelyNeighbor cache list item, those neighbor cache list items will be dropped. But, use for currentNeighbor cache list item, if abandon this neighbor cache list item, must cause later use multicastAgain initiate address resolution request message, once the current neighbor cache list item using is deleted,The current flow that need to use this neighbor cache list item will can not be forwarded, until address resolution is successfully completed.Therefore, by receiving, this other router sends, and the neighbor cache list item that need to refresh comes into force againPriority corresponding to neighbours' message be set to the second priority, priority corresponding to above-mentioned neighbours' message is highPriority corresponding to neighbours' message that is unknown link layer address in link layer address, preferentially to above-mentioned neighbourOccupy message and carry out dissection process.
The third: is if this neighbours' message is the message that this router need to send to this other router,It is the 3rd priority that priority corresponding to this neighbours' message is set.
In the present embodiment, for the stability of retentive control face, can be by relevant to neighbours' discovery behaviorPriority corresponding to neighbours' message of sending as source taking router be set to the 3rd priority, thereby makeNeighbours' message pair that priority corresponding to above-mentioned neighbours' message is unknown link layer address higher than link layer addressThe priority of answering, preferentially carries out dissection process to above-mentioned neighbours' message, once and then occur network failure,Can inquire about as early as possible and access router, to debug and other operations.
The 4th kind: if this neighbours' message be not message that this router receives and that need to respond orThe message that this neighbor cache list item comes into force is used for refreshing neighbor cache list item so that neither need by this routerSend to the message of other router, and IPv6 address in this neighbours' message is unallocated address,The priority that this neighbours' message is set is the 4th priority.
Wherein, this first priority is greater than this second priority; It is the 3rd preferential that this second priority is greater thanLevel; The 3rd priority is greater than the 4th priority.
In the present embodiment, preferably, four queues can be set in router, be respectively high preferentialLevel queue (top), medium priority queue (middle), normal priority queue (normal) and low excellentFirst level is to row (low), and wherein, the priority of high-priority queue is greater than the priority of medium priority queue,The priority of medium priority queue is greater than the priority of normal priority queue, normal priority queue excellentFirst level is greater than Low Priority Queuing.
Take neighbours' message as example as neighbor request message, the neighbor request that is the first priority by priority disappearsCeasing the neighbor request message of putting into high-priority queue (top), be the second priority by priority puts intoMedium priority queue (middle), the neighbor request message that is the 3rd priority by priority are put into normally excellentFirst level queue (normal) and the neighbor request message that is the 4th priority by priority are put into low priorityQueue (low). Neighbor request message in each queue is carried out address resolution processing according to FIFO principle.
First the neighbor request message in high-priority queue is carried out to address resolution processing according to FIFO principle;When the neighbor request message in high-priority queue is while being empty, then neighbor request in centering priority queryMessage is carried out address resolution processing according to FIFO principle; Neighbor request message in central priority query isWhen empty, the neighbor request message in normal priority query carry out address resolution place according to FIFO principleReason; In the time that the neighbor request message in normal priority queue is sky, to the neighbours in Low Priority QueuingRequest message carries out address resolution processing according to FIFO principle.
More preferably, can also be according to actual environment, adopt corresponding measure that the large of request queue is setLittle, carry out the speed of control link address resolution with this, thereby realize, neighbours are found to possible attack carries outDefence.
Fig. 3 is the flow chart of another embodiment of address resolution processing of the present invention, shown in above-mentioned Fig. 2On the basis of embodiment, as shown in Figure 3, the specific implementation of step 102b is:
Step 102b1, parameter corresponding to neighbours' message receiving according to this router, obtain and this ginsengCorresponding pre-warning mark position and the early warning types of number, and this pre-warning mark position and this early warning type are carried at rightIn neighbours' message of answering.
Concrete, this parameter can be the speed of neighbours' message or priority institute corresponding to this neighbours' messageQueue length etc.
Step 102b2, according to the pre-warning mark position in this neighbours' message, judge that this neighbours' message is whether strongHealth; If healthy, perform step 102b3; If unhealthy, perform step 102b4.
Step 102b3, according to the priority of this neighbours' message, according to priority order from high to low,This neighbours' message is carried out to address resolution processing. Finish.
Step 102b4, abandon this neighbours' message, and the early warning type in this neighbours' message is carried in advanceIn alarming information, send to main frame, this main frame is the main frame that sends this neighbours' message.
In the present embodiment, can also detect notice to the health status of address resolution, concrete,(figure place wherein needing can detect according to reality can to utilize in neighbor request message reservation position separatelyType how much adjust accordingly) carry out health status in address resolution procedure and notice and process. Figure4a is the form schematic diagram of existing neighbor request message, the form that Fig. 4 b is neighbor request message of the present inventionSchematic diagram, the form schematic diagram that Fig. 5 a is existing neighbor advertisement message, Fig. 5 b is that neighbours of the present invention are logicalAccuse the form schematic diagram of message, the mode field Definition Principle figure that Fig. 6 is address resolution of the present invention, as figureShown in 4a, 4b, 5a, 5b to 6, the reservation position in Fig. 4 a and Fig. 5 a is defined as to address resolution procedureHealth status field, wherein, by early warning (warming) flag bit and early warning type (warmingtype)Two field compositions. In the time that pre-warning mark position equals 0, represent neighbours' message health of address resolution, nothingUnusual condition, processes this neighbours' message. When pre-warning mark position equals 1, represent this address resolutionNeighbours' message is unhealthy, abandons this neighbours' message, triggers early warning event simultaneously, and reads follow-up phaseAnswer early warning type, send early warning information, and this early warning information is noticed to user.
Preferably, early warning type can be deposited the Exception Type of corresponding address resolution, for example: work as neighboursThe speed of message is more than or equal to the upper of above-mentioned predetermined threshold value prescribes a time limit, and this pre-warning mark position is 1, represents groundNeighbours' message that resolve location is unhealthy, and early warning type is 00001; When the speed of neighbor request message is less thanOr in limited time this pre-warning mark position is 1 to equal above-mentioned predetermined threshold value lower, represents that the neighbours of address resolution disappearCease unhealthyly, early warning type is 00010; When the queue length at priority place corresponding to this neighbours' messageBe less than under queue thresholds and prescribe a time limit, this pre-warning mark position is 1, represents that neighbours' message of address resolution is unhealthy,Early warning type is 00011; When the queue length at priority place corresponding to this neighbor request message is greater than teamWhen row upper threshold, this pre-warning mark position is 1, represents that neighbours' message of address resolution is unhealthy, pre-Alert type is 00100. It should be noted that, the present embodiment is not as limit, and pre-warning mark position is with pre-Alert type can be carried out different settings according to user's actual needs.
Fig. 7 is the also flow chart of an embodiment of address resolution processing of the present invention, shown in above-mentioned Fig. 1On the basis of embodiment, as shown in Figure 7, the another kind of specific implementation of step 102 is:
Step 102c, the neighbours' message that to IPv6 address is unallocated address is carried out to the speed of dissection processReduce, to make the speed after reduction be less than or equal to predetermined threshold value, to removing this IPv6 address to be preferentiallyOther neighbours' message outside neighbours' message of unallocated address is carried out address resolution processing.
In the present embodiment, this neighbours' message that is unallocated address to IPv6 address is carried out to dissection processRate reduction, with make reduce after speed be less than or equal to predetermined threshold value. Wherein, this predetermined threshold valueCan arrange arbitrarily according to demand.
Preferably, can be by the Command Line Interface (Command-LineInterface of router; Be called for short:CLI) neighbours' message that this IPv6 address of order control is unallocated address is carried out the speed of dissection process,Further reduce the generation of DoS attack with this.
Fig. 8 is the flow chart of another embodiment of address resolution processing of the present invention, shown in above-mentioned Fig. 1On the basis of embodiment, as shown in Figure 8, another specific implementation of step 102 is:
Step 102d, the neighbours' message that is unallocated address by this IPv6 address abandon, to be preferentially somebody's turn to do removingIPv6 address is that other neighbours' message outside neighbours' message of unallocated address is carried out address resolution processing.
In the present embodiment, when neighbours' message arrives the speed of router when higher, router in subnetAddress resolution is carried out in trial as possible, easily forms the condition of DoS attack in this process, thereby consumesThe available resources of router, therefore, preferably, the neighbours' message that is unallocated address by this IPv6 addressThe specific implementation abandoning is: can adopt ACL (AccessControlList; Be called for short:ACL) address space that technical filter is distribution portion, or prevent that by zero route feature assailant from makingWith router attempt go resolve not have use address.
Also it should be noted that, in another embodiment of the present invention, on the basis of the various embodiments described aboveUpper, before neighbours' message is carried out to address resolution processing, the method also comprises:
Parameter corresponding to neighbours' message receiving according to this router, obtains the early warning corresponding with this parameterFlag bit and early warning type, and this early warning flag and this early warning type are carried to corresponding neighbours' messageIn;
Neighbours' message is carried out to address resolution processing, comprising:
If according to the pre-warning mark position in this neighbours' message, judge this neighbours' message health, to these neighboursMessage is carried out dissection process.
Further, the method also comprises:
If according to the pre-warning mark position in this neighbours' message, judge that this neighbours' message is unhealthy, abandon thisNeighbours' message, and the early warning type in this neighbours' message is carried in early warning information and sends to main frame, shouldMain frame is the main frame that sends this neighbours' message.
One of ordinary skill in the art will appreciate that: all or part of step that realizes above-mentioned each embodiment of the methodSuddenly can complete by the relevant hardware of programmed instruction. Aforesaid program can be stored in a computer canRead in storage medium. This program, in the time carrying out, is carried out the step that comprises above-mentioned each embodiment of the method; AndAforesaid storage medium comprises: ROM, RAM, magnetic disc or CD etc. are various can be program code storedMedium.
Fig. 9 is a structural representation of address resolution treating apparatus of the present invention, as shown in Figure 9, and this realityExecuting routine device comprises: judge module 11, processing module 12 and address resolution module 13, wherein, sentenceDisconnected module 11 is for judging whether the IPv6 address in neighbours' message of router is unallocated address;Processing module 12 is for being that neighbours' message of unallocated address is processed accordingly to IPv6 address; GroundNeighbours' message that location parsing module 13 is unallocated address for the treatment of module 12 to IPv6 address is carried out phaseAfter the processing of answering, preferential to other neighbours the neighbours' message that is unallocated address except this IPv6 addressMessage is carried out address resolution processing; Wherein, this neighbours' message is that neighbor request message or neighbor advertisement disappearBreath.
The address resolution treating apparatus of the present embodiment can execution graph 1 shown in the technical side of embodiment of the methodCase, it is similar that it realizes principle, repeats no more herein.
In the present embodiment, by judging that whether IPv6 address in the neighbours' message in router is for not dividingJoin address, the neighbours' message that is unallocated address to IPv6 address is processed accordingly, preferentially right to haveOther neighbours' message except neighbours' message that this IPv6 address is unallocated address carry out address resolution placeReason, therefore, has prevented the DoS attack phenomenon causing because of the external world in address resolution procedure effectively, subtractsLacked the potential safety hazard in address resolution procedure, and effectively improved address discovery protocol security,Robustness and stability.
Further, in another embodiment of the present invention, on above-mentioned basis embodiment illustrated in fig. 9Upper, this processing module 12 is specifically for arranging the priority of the neighbours' message in this router; Wherein, IPv6Address is that priority corresponding to neighbours' message of unallocated address is unallocated address lower than removing this IPv6 addressNeighbours' message outside priority corresponding to other neighbours' message.
Preferably, if processing module 12 is that this router receives specifically for this neighbours' message, and needThe message responding, the priority that this neighbours' message is set is the first priority; Or,
If this processing module 12 is that this router receives specifically for this neighbours' message, and for refreshingNeighbor cache list item so that the message that this neighbor cache list item comes into force, arranges the priority of this neighbours' messageBe the second priority; Or,
If this processing module 12 need to send to other route specifically for this neighbours' message for this routerThe message of device, the priority that this neighbours' message is set is the 3rd priority; Or,
If this processing module 12 is not that this router receives specifically for this neighbours' message and needs to doGoing out the message of response, is not for refreshing neighbor cache list item so that the message that this neighbor cache list item comes into force,Neither this router need to send to the message of other router, and IPv6 address in this neighbours' messageFor unallocated address, the priority that this neighbours' message is set is the 4th priority;
Wherein, this first priority is greater than this second priority; It is the 3rd preferential that this second priority is greater thanLevel; The 3rd priority is greater than the 4th priority.
Further, in yet another embodiment of the present invention, at above-mentioned base embodiment illustrated in fig. 9On plinth, this processing module 12 is specifically for carrying out the neighbours' message that to IPv6 address is unallocated addressThe rate reduction of dissection process, to make the speed after reduction be less than or equal to predetermined threshold value.
Further, in another embodiment of the present invention, at above-mentioned base embodiment illustrated in fig. 9On plinth, this processing module 12 abandons specifically for the neighbours' message that is unallocated address by this IPv6 address.
Further, in another embodiment of the present invention, on the basis of above-mentioned each embodiment,This device also comprises: early warning processing module, and corresponding for the neighbours' message receiving according to this routerParameter, obtains the pre-warning mark position corresponding with this parameter and early warning type, and by this pre-warning mark position and thisEarly warning type is carried in corresponding neighbours' message;
If address resolution processing module 13 specifically for this early warning processing module according in this neighbours' messagePre-warning mark position, judge this neighbours' message health, this neighbours' message is carried out to address resolution processing.
Preferably, if early warning processing module is also for according to the pre-warning mark position of this neighbours' message, judgeThis neighbours' message is unhealthy, abandons this neighbours' message, and the early warning type in this neighbours' message is carriedIn early warning information, send to main frame, this main frame is the main frame that sends this neighbours' message.
More preferred, judge module 11, specifically for queried access control list, judges in this routerNeighbours' message in IPv6 address whether be unallocated address.
Finally it should be noted that: above each embodiment is only in order to technical scheme of the present invention to be described, but not rightIts restriction; Although the present invention is had been described in detail with reference to aforementioned each embodiment, this area commonTechnical staff is to be understood that: its technical scheme that still can record aforementioned each embodiment is modified,Or some or all of technical characterictic is wherein equal to replacement; And these amendments or replacement, andDo not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.
Claims (16)
1. an address resolution processing method, is characterized in that, comprising:
Judge whether the IPv6 address in the neighbours' message in router is unallocated address;
The neighbours' message that is unallocated address to IPv6 address is processed accordingly, with preferentially to described in removingIPv6 address is that other neighbours' message outside neighbours' message of unallocated address is carried out address resolution processing;
Wherein, described neighbours' message is neighbor advertisement message or neighbor request message.
2. address resolution processing method according to claim 1, is characterized in that, described to IPv6Address is that neighbours' message of unallocated address is processed accordingly, to removing described IPv6 address to be preferentiallyOther neighbours' message outside neighbours' message of unallocated address is carried out address resolution processing, comprising:
The priority of the neighbours' message in described router is set;
According to the priority of described neighbours' message, according to priority order from high to low, to described neighboursMessage is carried out address resolution processing; Wherein, IPv6 address is corresponding excellent of neighbours' message of unallocated addressFirst level is lower than except described IPv6 address being other neighbours' message correspondence neighbours' message of unallocated addressPriority.
3. address resolution processing method according to claim 2, is characterized in that, the described institute that arrangesThe priority of stating the neighbours' message in router, comprising:
If being described router, described neighbours' message receives, and the message that need to respond, establishThe priority of putting described neighbours' message is the first priority,
Receive if described neighbours' message is described router, and for refreshing neighbor cache list item so thatThe message that described neighbor cache list item comes into force, the priority that described neighbours' message is set is the second priority,
If described neighbours' message is the message that described router need to send to other router, institute is setThe priority of stating neighbours' message is the 3rd priority,
If described neighbours' message is not message that described router receives and that need to respond, be notFor refreshing neighbor cache list item so that the message that described neighbor cache list item comes into force, neither described routeDevice need to send to the message of other router, and IPv6 address in described neighbours' message is unallocated groundLocation, the priority that described neighbours' message is set is the 4th priority;
Wherein, described the first priority is greater than described the second priority; Described in described the second priority is greater thanThe 3rd priority; Described the 3rd priority is greater than described the 4th priority.
4. address resolution processing method according to claim 1, is characterized in that, described to IPv6Address is that neighbours' message of unallocated address is processed accordingly, comprising:
The neighbours' message that to IPv6 address is unallocated address is carried out to the rate reduction of dissection process, so thatSpeed after must reducing is less than or equal to predetermined threshold value.
5. address resolution processing method according to claim 1, is characterized in that, described to IPv6Address is that neighbours' message of unallocated address is processed accordingly, comprising:
The neighbours' message that is unallocated address by described IPv6 address abandons.
6. according to the arbitrary described address resolution processing method of claim 1 to 5, it is characterized in that, rightBefore neighbours' message is carried out address resolution processing, described method also comprises:
Parameter corresponding to neighbours' message receiving according to described router, obtains corresponding with described parameterPre-warning mark position and early warning type, and described pre-warning mark position and described early warning type are carried at correspondingIn neighbours' message;
Neighbours' message is carried out to address resolution processing, comprising:
If according to the pre-warning mark position in described neighbours' message, judge described neighbours' message health, to instituteState neighbours' message and carry out address resolution processing.
7. address resolution processing method according to claim 6, is characterized in that, also comprises:
If according to the pre-warning mark position in described neighbours' message, judge that described neighbours' message is unhealthy, loseAbandon this neighbours' message, and the early warning type in this neighbours' message be carried at and in early warning information, send to main frame,Described main frame is the main frame that sends described neighbours' message.
8. address resolution processing method according to claim 1, is characterized in that, described judgement roadWhether be unallocated address by the IPv6 address in the neighbours' message in device, comprise:
Queried access control list, judges that whether IPv6 address in the neighbours' message in described router isUnallocated address.
9. an address resolution treating apparatus, is characterized in that, comprising:
Judge module, for judging whether the IPv6 address in neighbours' message of router is unallocated groundLocation;
Processing module, for being that neighbours' message of unallocated address is processed accordingly to IPv6 address;
Address resolution module is neighbours' message of unallocated address to IPv6 address for described processing moduleAfter processing accordingly, preferentially to being neighbours' message of unallocated address except described IPv6 addressOther neighbours' message is carried out address resolution processing;
Wherein, described neighbours' message is neighbor advertisement message or neighbor request message.
10. address resolution treating apparatus according to claim 9, is characterized in that, described processingModule is specifically for arranging the priority of the neighbours' message in described router; Wherein, IPv6 address is notDistributing the priority corresponding to neighbours' message of address is the neighbours of unallocated address lower than removing described IPv6 addressPriority corresponding to other neighbours' message outside message.
11. address resolution treating apparatus according to claim 10, is characterized in that described processingIf module is that described router receives specifically for described neighbours' message, and disappearing of need to respondingBreath, the priority that described neighbours' message is set is the first priority;
If described processing module is that described router receives specifically for described neighbours' message, and forRefresh neighbor cache list item so that the message that described neighbor cache list item comes into force arranges described neighbours' messagePriority be the second priority;
If described processing module is that described router need to send to other road specifically for described neighbours' messageBy the message of device, the priority that described neighbours' message is set is the 3rd priority;
If described processing module is not that described router receives and needs specifically for described neighbours' messageThe message responding, not for refreshing neighbor cache list item so that described neighbor cache list item come into forceMessage, neither described router need to send to the message of other router, and in described neighbours' messageIPv6 address be unallocated address, the priority that described neighbours' message is set is the 4th priority;
Wherein, described the first priority is greater than described the second priority; Described in described the second priority is greater thanThe 3rd priority; Described the 3rd priority is greater than described the 4th priority.
12. address resolution treating apparatus according to claim 9, is characterized in that described processingModule is fallen specifically for the speed of the neighbours' message that to IPv6 address is unallocated address being carried out to dissection processLow, to make the speed after reduction be less than or equal to predetermined threshold value.
13. address resolution treating apparatus according to claim 9, is characterized in that described processingModule abandons specifically for the neighbours' message that is unallocated address by described IPv6 address.
14. according to the arbitrary described address resolution treating apparatus of claim 9 to 13, it is characterized in that,Also comprise:
Early warning processing module, for parameter corresponding to neighbours' message receiving according to described router, obtainsGet the pre-warning mark position corresponding with described parameter and early warning type, and by described pre-warning mark position and described pre-Alert type is carried in corresponding neighbours' message;
If described address resolution module specifically for described early warning processing module according in described neighbours' messagePre-warning mark position, judge described neighbours' message health, described neighbours' message carry out address resolution placeReason.
15. address resolution treating apparatus according to claim 12, is characterized in that, also comprise:
If early warning processing module also, for according to the pre-warning mark position of described neighbours' message, judges described neighbourOccupy message unhealthy, abandon this neighbours' message, and the early warning type in this neighbours' message is carried in advanceIn alarming information, send to main frame, described main frame is the main frame that sends described neighbours' message.
16. address resolution treating apparatus according to claim 9, is characterized in that described judgementModule, specifically for queried access control list, judges the IPv6 ground in the neighbours' message in described routerWhether location is unallocated address.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210573158.9A CN103002071B (en) | 2012-12-25 | 2012-12-25 | address resolution processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210573158.9A CN103002071B (en) | 2012-12-25 | 2012-12-25 | address resolution processing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103002071A CN103002071A (en) | 2013-03-27 |
| CN103002071B true CN103002071B (en) | 2016-05-04 |
Family
ID=47930203
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210573158.9A Active CN103002071B (en) | 2012-12-25 | 2012-12-25 | address resolution processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103002071B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9742798B2 (en) | 2015-03-16 | 2017-08-22 | Cisco Technology, Inc. | Mitigating neighbor discovery-based denial of service attacks |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101640631A (en) * | 2008-07-28 | 2010-02-03 | 成都市华为赛门铁克科技有限公司 | Method and device for processing data package |
| CN102123182A (en) * | 2011-04-09 | 2011-07-13 | 山东师范大学 | Method for separating host identifier (HID) mark from locator based on IPV6 (Internet Protocol Version 6) address |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8660118B2 (en) * | 2010-11-19 | 2014-02-25 | Extreme Networks, Inc. | Methods, systems, and computer readable media for next hop scaling |
-
2012
- 2012-12-25 CN CN201210573158.9A patent/CN103002071B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101640631A (en) * | 2008-07-28 | 2010-02-03 | 成都市华为赛门铁克科技有限公司 | Method and device for processing data package |
| CN102123182A (en) * | 2011-04-09 | 2011-07-13 | 山东师范大学 | Method for separating host identifier (HID) mark from locator based on IPV6 (Internet Protocol Version 6) address |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103002071A (en) | 2013-03-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11012261B2 (en) | Associating VXLANs with tunnels | |
| CN106230997B (en) | Resource scheduling method and device | |
| US7539150B2 (en) | Node discovery and communications in a network | |
| US20220150181A1 (en) | Distributed database-driven resource management and locking in a cloud native mobile core network node architecture | |
| CN111176888B (en) | Disaster recovery method, device and system for cloud storage | |
| CN111628941A (en) | Network traffic classification processing method, device, equipment and medium | |
| US7602789B2 (en) | Low overhead method to detect new connection rate for network traffic | |
| CN105554121A (en) | Method and system for realizing load equalization of distributed cache system | |
| CN106549820A (en) | Recognize method, device, flow cleaning equipment and the system of network loop | |
| US20160380876A1 (en) | Populating forwarding database tables in a fabric environment | |
| CN102752146B (en) | Cluster topological graph generation method and server | |
| CN107104820B (en) | Dynamic capacity-expansion daily operation and maintenance method based on F5 server node | |
| CN108199962A (en) | Address transfer method, apparatus, the network equipment and readable storage medium storing program for executing | |
| CN107317763A (en) | Flow control method and device between a kind of client and meta data server | |
| CN108196940A (en) | Delete the method and relevant device of container | |
| CN103002071B (en) | address resolution processing method and device | |
| CN107894874A (en) | Data read-write control method, terminal and system based on super fusion storage system | |
| CN109391495A (en) | Send and receive method, apparatus, computer-readable medium and the electronic equipment of heartbeat message | |
| CN103905383B (en) | A kind of data message forwarding method, device and system | |
| US20090292675A1 (en) | System for Notification of Group Membership Changes in Directory Service | |
| CN109672618A (en) | Redundant interface processing method, device, server and storage medium | |
| CN104956346B (en) | Control error propagation caused by the failure in the calculate node of distributed computing system | |
| CN111478792B (en) | Cutover information processing method, system and device | |
| CN101232508A (en) | Equipment and method for speeding up poly spanning tree protocol network topological convergence | |
| CN115118615B (en) | Network monitoring data processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor Patentee after: RUIJIE NETWORKS CO., LTD. Address before: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor Patentee before: Fujian Xingwangruijie Network Co., Ltd. |